* Exim - an Internet mail transport agent *
*************************************************/
+/* Copyright (c) The Exim Maintainers 2020 - 2022 */
/* Copyright (c) University of Cambridge 1995 - 2018 */
-/* Copyright (c) The Exim Maintainers 2020 */
/* See the file NOTICE for conditions of use and distribution. */
+/* SPDX-License-Identifier: GPL-2.0-or-later */
#define DELIVER_BUFFER_SIZE 4096
#define PENDING_OK (PENDING + OK)
+#ifndef DISABLE_TLS
+/* Flags structure for validity of TLS configuration */
+
+typedef struct {
+ BOOL conn_certs:1; /* certificates etc. loaded */
+ BOOL cabundle:1; /* CA certificates loaded */
+ BOOL crl:1; /* CRL loaded */
+ BOOL pri_string:1; /* cipher priority-string cache loaded */
+ BOOL dh:1; /* Diffie-Helman params loaded */
+ BOOL ecdh:1; /* EC Diffie-Helman params loaded */
+
+ BOOL ca_rdn_emulate:1; /* do not advertise usable-cert list */
+ BOOL ocsp_hook:1; /* need hshake callback on session */
+
+ void * libdata0; /* library-dependent preloaded data */
+ void * libdata1; /* library-dependent preloaded data */
+} exim_tlslib_state;
+#endif
+
+
/* Private structure for the private options and other private data. */
typedef struct {
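Review bot: The new `exim_tlslib_state` flags record that certificates, the CA bundle and the CRL are "loaded", but the header comment does not say what clears a flag once the underlying option or file changes. From this declaration a reader cannot tell whether a replaced CRL or a rotated key is picked up, so the comment should state the invalidation rule and who owns and frees `libdata0`/`libdata1`. The two `void *` members differ only by number; noting what each holds per TLS library would make the casts at the use sites (outside this hunk) reviewable. The comments also misspell the algorithm name twice; they should read `BOOL dh:1; /* Diffie-Hellman params loaded */` and `BOOL ecdh:1; /* EC Diffie-Hellman params loaded */`.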
uschar *dscp;
uschar *serialize_hosts;
uschar *hosts_try_auth;
+ uschar *hosts_require_alpn;
uschar *hosts_require_auth;
uschar *hosts_try_chunking;
#ifdef SUPPORT_DANE
int size_addition;
int hosts_max_try;
int hosts_max_try_hardlimit;
- int message_linelength_limit;
+ int message_linelength_limit;
BOOL address_retry_include_sender;
BOOL allow_localhost;
BOOL authenticated_sender_force;
uschar *socks_proxy;
#endif
#ifndef DISABLE_TLS
+ uschar *tls_alpn;
uschar *tls_certificate;
uschar *tls_crl;
uschar *tls_privatekey;
uschar *tls_require_ciphers;
# ifndef DISABLE_TLS_RESUME
+# define HNE_DEFAULT US"${if and {{match{$host}{.outlook.com\\$}} {match{$item}{\\N^250-([\\w.]+)\\s\\N}}} {$1}}"
+ uschar *host_name_extract;
uschar *tls_resumption_hosts;
# endif
const uschar *tls_sni;
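Review bot: In `HNE_DEFAULT` the first pattern, `.outlook.com\\$`, leaves its dots unescaped and is not wrapped in `\\N…\\N` as the second pattern is, so as far as I can tell each `.` matches any character and the test is looser than a suffix check on the domain. If the intent is hosts under outlook.com, `{\\N\\.outlook\\.com$\\N}` expresses that exactly. The captured `$1` is taken from a `250-` line, which is text supplied by the remote server, so the declaration of `host_name_extract` deserves a comment saying what the extracted name is used for and that it is untrusted input; the use site is not visible in this hunk. A `#define` placed between struct members is easy to overlook, so a one-line comment explaining the default above it would help.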
#ifdef EXPERIMENTAL_ARC
uschar *arc_sign;
#endif
+#ifndef DISABLE_TLS
+ exim_tlslib_state tls_preload;
+#endif
} smtp_transport_options_block;
#define SOB (smtp_transport_options_block *)
BOOL pending_BDAT:1;
BOOL RCPT_452:1;
BOOL good_RCPT:1;
+#ifdef EXPERIMENTAL_ESMTP_LIMITS
+ BOOL single_rcpt_domain:1;
+#endif
BOOL completed_addr:1;
BOOL send_rset:1;
BOOL send_quit:1;
+ BOOL send_tlsclose:1;
+ unsigned peer_offered;
+#ifdef EXPERIMENTAL_ESMTP_LIMITS
+ unsigned peer_limit_mail;
+ unsigned peer_limit_rcpt;
+ unsigned peer_limit_rcptdom;
+#endif
+
+ unsigned max_mail;
int max_rcpt;
int cmd_count;
- unsigned peer_offered;
unsigned avoid_option;
uschar * igquotstr;
uschar * helo_data;
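Review bot: The new counters mix signedness: `max_mail` and the three `peer_limit_*` fields are `unsigned`, while the neighbouring `max_rcpt` and `cmd_count` stay `int`, so any comparison of a peer limit with `max_rcpt` converts the signed side to unsigned. The `peer_limit_*` values presumably come from the server's response and are therefore peer-controlled, so each field should carry a comment giving the meaning of 0 and the accepted range, for example `unsigned peer_limit_rcpt; /* from peer; 0 = none advertised */` if that is the convention. Giving `max_mail` and `max_rcpt` the same type would remove the conversion. The enclosing struct begins and ends outside this hunk.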
uschar * helo_response;
#endif
#ifndef DISABLE_PIPE_CONNECT
+ /* Info about the EHLO response stored to / retrieved from cache. When
+ operating early-pipe, we use the cached values. For each of plaintext and
+ crypted we store bitmaps for ESMTP features and AUTH methods. If the LIMITS
+ extension is built and usable them at least one of the limits values cached
+ is nonzero, and we use the values to constrain the connection. */
ehlo_resp_precis ehlo_resp;
#endif